Configuration options for creating a Deno Sandbox.
List of hostnames / IP addresses with optional port numbers that the sandbox can make outbound network requests to.
If not specified, no network restrictions are applied.
Override the API endpoint to use to connect to Deno Deploy.
The default can also be overridden by setting the DENO_DEPLOY_ENDPOINT
environment variable.
Whether to enable debug logging.
Environment variables to start the sandbox with, in addition to the default
environment variables such as DENO_DEPLOY_ORGANIZATION_ID.
Initial files to create in the sandbox after initialization.
A map of file paths to their contents. Files will be created in the sandbox filesystem before any commands are executed. Parent directories are created automatically.
Labels to set on the sandbox. Up to 5 labels can be specified. Each label key must be at most 64 bytes, and each label value must be at most 128 bytes.
The memory size of the sandbox. Supports plain numbers (interpreted as bytes) and human-readable strings with binary (GiB, MiB, KiB) or decimal (GB, MB, kB) units.
Takes precedence over the deprecated memoryMb option.
The Deno Deploy organization slug to operate within.
This is required when using a personal access token (starts with ddp_).
If not provided, the DENO_DEPLOY_ORG environment variable will be used.
The port number to expose for HTTP access. If specified, the sandbox's
url property will be populated once the sandbox is ready, and can
be used to access the sandbox over HTTP.
Region where the sandbox will be created.
If not specified, the sandbox will be created in the default region.
A volume or snapshot to use as the root filesystem of the sandbox.
If not specified, the default base image will be used. The volume or snapshot must be bootable.
Override the Sandbox API endpoint URL to use to create and communicate with the sandboxes.
The default can also be overridden by setting the DENO_SANDBOX_ENDPOINT
or DENO_SANDBOX_BASE_DOMAIN environment variables.
Secret environment variables that are never exposed to sandbox code. The real secret values are injected on the wire when the sandbox makes HTTPS requests to the specified hosts.
The key is the environment variable name.
Whether to expose SSH access to the sandbox. If true, the sandbox's
ssh property will be populated once the sandbox is ready.
The timeout of the sandbox. When not specified, it defaults to "session".
Takes precedence over the deprecated lifetime option.
"session": Sandbox is destroyed when the primary client disconnects.Deno Deploy access token
Volumes to mount on the sandbox.
The key is the mount path inside the sandbox, and the value is the volume ID or slug.
Authentication configuration for Deno Deploy API.
Sandbox lifetime configuration.
Amount of memory allocated to the sandbox in megabytes.
const options: DenoSandboxOptions = {
memory: "1GiB", // 1GB memory
timeout: "5m", // 5 minutes
region: "ord", // Chicago
};[]["example.com"]["*.example.com"]["example.com:443"]const options: DenoSandboxOptions = {
memory: "1GiB",
initialFiles: {
"/home/app/index.js": "console.log('Hello')",
"/home/app/package.json": '{"name": "test"}',
},
};1342177280"1GiB""1280MiB"const sandbox = await DenoSandbox.create({ port: 8080 });
console.log(sandbox.instance.url);
// => "http://..."const options: DenoSandboxOptions = {
root: "my-volume-slug",
};const options: DenoSandboxOptions = {
secrets: {
OPENAI_API_KEY: {
hosts: ["api.openai.com"],
value: "sk-proj-your-real-key",
},
},
};const sandbox = await DenoSandbox.create({ ssh: true });
console.log(sandbox.instance.ssh);
// => { username: "...", hostname: "..." }"session""600s""20m"const options: DenoSandboxOptions = {
volumes: {
"/data/volume1": "volume-slug-or-id-1",
},
};